In 2013, someone gained access to the operations center for the Bowman Avenue Dam, a small flood control dam on Blind Brook in Rye Brook, New York. The attackers were later identified in a classified Department of Homeland Security report as being the same Iranian group alleged to have been responsible for attacks on PNC Financial Services Group, SunTrust, and Capital One Financial.

Calling the intrusion an "attack" may be a bit of an overstatement—the controls of the dam were not accessed, according to government officials cited anonymously by CNN, and only "back office systems" were penetrated. The intrusion was made possible by a broadband cellular modem used to connect the small facility to the Internet, and the Bowman Avenue facility was targeted by a network scan for industrial control systems exposed to the Internet.

The National Security Agency intercepted the incoming scans from Iran, and it passed a list of targeted Internet addresses to the Department of Homeland Security. The address for the network at the Bowman Avenue Dam was among them—but DHS officials were at first concerned that the attackers were going after the Arthur R. Bowman Dam near Prineville, Oregon (an irrigation dam with no floodgate controls, making it pretty much impossible to hack with anything short of Internet-connected dynamite). Eventually the IP address involved was traced to the small flood control dam in Rye.

However, eager to "name and shame" state-sanctioned intrusions and attacks on US critical infrastructure, the DHS and Department of Justice have decided to move forward three years later with a case against those believed to be behind the Bowman Avenue hack. When asked about the pending case, Department of Justice spokesperson Marc Raimondi said in a written statement to CNN that the DOJ takes "malicious activity in cyberspace seriously, and we will continue to use all the tools at our disposal to prevent, deter, detect, counter and mitigate such activity."

Sean Gallagher
Sean is Ars Technica's IT and National Security Editor. A former Navy officer, systems administrator, and network systems integrator with 20 years of IT journalism experience, he lives and works in Baltimore, Maryland. Email: sean.gallagher@arstechnica.com // Twitter: @thepacketrat